diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-09-21 19:19:07 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2022-09-22 06:59:46 +0200 |
| commit | 5a04d2d705926c4691d26307b0125cfb290e6ee7 (patch) | |
| tree | d72b5ffbc568245cbd2b3992eb815f4128a52e3d /ChangeLog.txt | |
| parent | bae5a7d8587d3c1c7fd0ca466a80bb744833c012 (diff) | |
| download | current-5a04d2d705926c4691d26307b0125cfb290e6ee7.tar.gz | |
Wed Sep 21 19:19:07 UTC 202220220921191907
ap/cups-2.4.2-x86_64-3.txz: Rebuilt.
Fixed crash when using the CUPS web setup interface:
[PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after freeing
it (Issue #409).
Thanks to MisterL, bryjen, and kjhambrick.
Fixed an OpenSSL certificate loading issue:
[PATCH] The OpenSSL code path wasn't loading the full certificate
chain (Issue #465).
Thanks to tmmukunn.
Diffstat (limited to 'ChangeLog.txt')
| -rw-r--r-- | ChangeLog.txt | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 5254b941..0e5583cd 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,46 @@ +Wed Sep 21 19:19:07 UTC 2022 +ap/cups-2.4.2-x86_64-3.txz: Rebuilt. + Fixed crash when using the CUPS web setup interface: + [PATCH] Fix OpenSSL crash bug - "tls" pointer wasn't cleared after freeing + it (Issue #409). + Thanks to MisterL, bryjen, and kjhambrick. + Fixed an OpenSSL certificate loading issue: + [PATCH] The OpenSSL code path wasn't loading the full certificate + chain (Issue #465). + Thanks to tmmukunn. ++--------------------------+ +Wed Sep 21 18:30:30 UTC 2022 +ap/cups-2.4.2-x86_64-2.txz: Rebuilt. + Install pkgconfig file to the proper directory. +l/libbluray-1.3.3-x86_64-1.txz: Upgraded. +l/system-config-printer-1.5.18-x86_64-1.txz: Upgraded. +n/bind-9.18.7-x86_64-1.txz: Upgraded. + This update fixes bugs and the following security issues: + Fix memory leak in EdDSA verify processing. + Fix serve-stale crash that could happen when stale-answer-client-timeout + was set to 0 and there was a stale CNAME in the cache for an incoming query. + Fix memory leaks in the DH code when using OpenSSL 3.0.0 and later versions. + The openssldh_compare(), openssldh_paramcompare(), and openssldh_todns() + functions were affected. + When an HTTP connection was reused to get statistics from the stats channel, + and zlib compression was in use, each successive response sent larger and + larger blocks of memory, potentially reading past the end of the allocated + buffer. + Prevent excessive resource use while processing large delegations. + For more information, see: + https://kb.isc.org/docs/cve-2022-38178 + https://kb.isc.org/docs/cve-2022-3080 + https://kb.isc.org/docs/cve-2022-2906 + https://kb.isc.org/docs/cve-2022-2881 + https://kb.isc.org/docs/cve-2022-2795 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38178 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3080 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2906 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2881 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2795 + (* Security fix *) +n/nghttp2-1.50.0-x86_64-1.txz: Upgraded. ++--------------------------+ Tue Sep 20 22:50:28 UTC 2022 a/kernel-generic-5.19.10-x86_64-1.txz: Upgraded. a/kernel-huge-5.19.10-x86_64-1.txz: Upgraded. |